Enable UFW:
# sudo ufw enable
The initial mode is accept.
1. Simple syntax (incoming/outgoing + port):
# sudo ufw allow 53
2. To restrict the rule to one protocol, append '/protocol' to the port. Example:
# sudo ufw allow 53/tcp
Or UDP:
# sudo ufw allow 53/udp
3. You can look up the port numbers of services in /etc/services on your host:
# cat /etc/services | less
Next, I will use SSH (port 22) as an example:
# sudo ufw allow ssh
4. You can also use a more comprehensive syntax to specify the source address, destination address, and port. This syntax is based on the PF syntax of OpenBSD. The following denies all traffic to TCP port 22 on this host:
# ufw deny proto tcp to any port 22
5. Deny all TCP traffic from 10.0.0.0/8 to the address 192.168.0.1 on port 22:
# ufw deny proto tcp from 10.0.0.0/8 to 192.168.0.1 port 22
6. To delete a rule, prefix the original rule with delete. For example, if the original rule is:
# ufw deny 22/tcp
Use this to delete it:
# sudo ufw delete deny 22/tcp
7. Deny all access to port 80:
# sudo ufw deny 80
Allow all access to port 80:
# sudo ufw allow 80/tcp
8. You can block a single host:
# sudo ufw deny from 207.46.232.182
The above command blocks a Microsoft host in Shanghai; you can also block Microsoft's class B network:
# sudo ufw deny from 207.46.0.0/16
All hosts on the RFC 1918 networks (LAN/WLAN) can be allowed access:
# sudo ufw allow from 10.0.0.0/8
# sudo ufw allow from 172.16.0.0/12
# sudo ufw allow from 192.168.0.0/16
9. Deny access to UDP port 139 from host 192.168.1.1:
# sudo ufw deny proto udp from 192.168.1.1 to any port 139
The same as above, for TCP:
# sudo ufw deny proto tcp from 192.168.1.1 to any port 139
10. Allow access to UDP port 22 on 192.168.1.1 from 192.168.1.100 port 22:
# sudo ufw allow proto udp from 192.168.1.100 port 22 to 192.168.1.1 port 22
11. To check whether the port in question has the listening status:
# sudo ufw status
To disable UFW:
# sudo ufw disable
To enable logging:
# ufw logging on
To disable logging:
# ufw logging off
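
ufw checks rules in the order they were added and the first match wins, so the broad allow for 10.0.0.0/8 in item 8 shadows the narrower deny in item 5 if it is added first. The Python below is an added example, not part of the original page: it models only the rule syntax shown above, and the function names, the ordering heuristic and the sample packets are constructed for illustration.

```python
import ipaddress

# Constructed ruleset: rule text from items 5, 8 and 9, in the order added.
RULES = [
    "deny from 207.46.0.0/16",
    "allow from 10.0.0.0/8",
    "deny proto tcp from 10.0.0.0/8 to 192.168.0.1 port 22",
    "deny proto udp from 192.168.1.1 to any port 139",
]

def parse_rule(text):
    """Parse 'action [proto P] [from A [port N]] [to A [port N]]' into a dict."""
    words = text.lower().split()
    rule = {"action": words[0], "proto": "any", "from": "any", "to": "any",
            "from_port": None, "to_port": None, "text": text}
    side = "to"
    for key, value in zip(words[1::2], words[2::2]):
        if key in ("from", "to"):
            side, rule[key] = key, value
        elif key == "port":
            rule[side + "_port"] = int(value)  # port belongs to the last from/to
        elif key == "proto":
            rule["proto"] = value
        else:
            raise ValueError(f"unsupported keyword: {key}")
    return rule

def addr_match(spec, addr):
    return spec == "any" or (
        ipaddress.ip_address(addr) in ipaddress.ip_network(spec, strict=False))

def first_match(rules, proto, src, dst, dport, sport=None):
    """Return (action, rule text) of the first matching rule, or None."""
    for rule in map(parse_rule, rules):
        if (rule["proto"] in ("any", proto)
                and addr_match(rule["from"], src) and addr_match(rule["to"], dst)
                and rule["from_port"] in (None, sport)
                and rule["to_port"] in (None, dport)):
            return rule["action"], rule["text"]
    return None  # no rule matched: the default policy decides

def narrow_first(rules):
    """Heuristic for this example: more words means more conditions, so check first."""
    return sorted(rules, key=lambda r: -len(r.split()))

if __name__ == "__main__":
    packet = ("tcp", "10.1.2.3", "192.168.0.1", 22)   # constructed packet
    print(first_match(RULES, *packet))                # shadowed by the broad allow
    print(first_match(narrow_first(RULES), *packet))  # the narrow deny now wins
```

On a live system the same result comes from adding the narrow deny before the broad allow, or from placing it at a chosen position with `ufw insert`.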